Iran TerrorismNew Cybersecurity Threat From Iran

New Cybersecurity Threat From Iran


New cybersecurity threat from Iran

Iran Focus

London, 26 July – An American cybersecurity company has revealed their findings on a new “highly active” espionage group – believed to be Iranian – that is breaking into the networks of government organizations and other firms located in the Middle East.

On Wednesday, Symantec said that the hacking collective known as “Leafminer” has been targeting Saudi Arabia, the United Arab Emirates, Qatar, Kuwait, Bahrain, Egypt, Israel and Afghanistan. The roughly 800 organisations targeted cut across several sectors, including energy, telecommunications, financial services, transportation and government.

Vikram Thakur, technical director at Symantec, said Leafminer has been active since early 2017, but has significantly increased its attacks since the end of last year.

Why do they think that the hackers are Iranian?

Well, mainly because the list of organisations to target was written in Farsi. However, there is also the matter of the countries that have been targeted.

Thakur said: “All the target organizations, they have some kind of political discourse ongoing with Iran, and Iran is actually missing from the list themselves. From an analytics perspective, that just adds to the fact that they’re likely to be from Iran.”

While this doesn’t prove that the hackers were directed by Iran, Thakur said it is a possibility.

However, if you’ve been closely following the topic of Iranian cyber espionage, you’ll soon realise that it would not be unusual for Iran to direct hackers.

Indeed, many security professionals have reported that Iranian cyber-attacks have been growing in size, scale, and sophistication in recent years, likely due to investment by the Iranian mullahs.

In March, Thakur said: “What we’ve noticed of the overall picture that the number of attacks that are originating from that geography is much, much higher than seven or eight years ago. In the coming years, we’d expect Chafer [the Iranian hacking group they revealed in February] as well as other cyber actors originating from Iran to continue increasing their volumes of attack as well as their list of victims.”

It’s also worth noting that most independent hacking groups would be targeting organisations that they could profit from (i.e. demanding a ransom not to leak the information), rather than spy on the agencies.

They would also be more likely to target private companies, who would prefer to hide the attack, rather than government agencies that would be looking to prosecute hackers.

It seems there can be no real doubt that Iran is behind these attacks.

Latest news

What Is Happening in Iran?

Following the brutal killing of Masha Amini, the Iranian people have once again united to fight and defeat the...

Iran Regime’s Ministry of Culture’s Decision To Eliminate Children’s Intellectual Centers

With the so-called ‘Cultural Revolution’ which took place between 1980 and 1983, the Iranian regime tried to purge the...

Water Shortage Crisis and the Destruction of Iran’s Water Resources

Iran is currently suffering from a number of dangerous natural disasters. One of the most worrying is the drying...

Economic Freedom Under the Rule of the Mullahs in Iran

The Fraser institute published its annual report of the index of economic freedom on September 8, which measured the...

Iran’s Regime Continues Its Internet Restriction Project

This is part of the outlook of a document by the Iranian regime’s Supreme Council of Cyberspace, which has...

Iran’s Human Development Index Dropped Sharply

One of the most common questions asked in primary schools by teachers all over the world is, “wealth or...

Must read

Iran says its warships have left the Mediterranean

AFP: Two Iranian warships, which entered the Mediterranean last...

Iranian Political Prisoners on Hunger Strike

By Jubin Katiraie Four Iranian political prisoners remain on...

You might also likeRELATED
Recommended to you